feat: add keypair generation

2024-07-12 18:03:54 +02:00 · 2024-07-12 18:03:54 +02:00 · 22448a2f4d
commit 22448a2f4d
parent a21d9b3d98
2 changed files with 20 additions and 0 deletions
--- a/criteria/variables.json
+++ b/criteria/variables.json
@ -3,6 +3,10 @@
  "title": "rsnapshot Configuration",
  "type": "object",
  "properties": {
+    "rsnapshot_ssh_private_key": {
+      "type": "string",
+      "description": "Name of the SSH private key for backups"
+    },
    "rsnapshot_snapshot_root": {
      "type": "string",
      "description": "Root directory where all snapshots will be stored"
--- a/tasks/_configure.yml
+++ b/tasks/_configure.yml
@ -20,4 +20,20 @@
    owner: root
    group: root

+- name: "Create a SSH keypair for backups"
+  ansible.builtin.command:
+    cmd: "ssh-keygen -t rsa -b 4096 -f /root/.ssh/{{ rsnapshot_ssh_private_key }} -N ''"
+
+- name: "Register content of public key as ansible variable"
+  ansible.builtin.command:
+    cmd: "cat /root/.ssh/{{ rsnapshot_ssh_public_key }} >> /root/.ssh/authorized_keys"
+  register: rsnapshot_ssh_public_key
+
+- name: "Deploy SSH keypair"
+  ansible.builtin.authorized_key:
+    path: /root/.ssh/authorized_keys
+    user: root
+    key: "{{ rsnapshot_ssh_public_key.stdout }}"
+  delegate_to: "{{ item.remote.host }}"
+  loop: "{{ rsnapshot_backups }}"
 #